Wapack Labs has identified a new research paper regarding a Key Reinstallation Attack (KRACK), a cryptographic attack that can be used to attack all modern Android and Linux-based Wi- Fi routers utilizing the WPA2 protocol - 41% of Android devices are vulnerable to this type of attack. If the attacker is within range of the victim's Wi-Fi, KRACK makes it possible to inject and manipulate data and eavesdrop on communications. This is done by tricking the devices to re-install a zero value for the encryption key. This attack is carried out against the 4-way handshake of the WPA2 protocol. When a client connects to a network, a 4-way handshake between the client and server (router) is performed. A fresh encryption key is then issued and used to encrypt all subsequent traffic. A KRACK attacker tricks the victim into re-installing an already-in-use key. By replaying the cryptographic handshake messages, the cryptographic keys can be re-used. Wapack Labs has observed Linux patches being released and expects major distributions to have updates within the next 24-48 hours. As of yet, there is no available Proof-of-Concept (PoC) code or scanners for this vulnerability. Microsoft has issued a patch, but Apple has not yet publicly addressed this vulnerability. Many router manufacturers have issued public statements, yet no patch information has been provided. An additional concern is that many variations of operating systems are maintained by countless distributors, making the release of patch information a complicated task...READ MORE
Wapack Labs has cataloged and reported on cryptographic attacks in the past. An archive of related reporting can be found in the Red Sky Alliance portal.